By Michael Kern
As the global supply chain struggles from the aftershocks of the pandemic, spreading the suffering to nearly every industry, cyber criminals vultures are descending on the vulnerabilities to create more dangerous disruption.
According to a report from cyber intelligence firm Intel 471, all key sectors in the global supply chain are now being targeted by cybercriminals.
“We’ve witnessed ransomware attacks on the shipping industry throughout the year, which has undoubtedly put a constraint on companies that are already stretched thin due to the pandemic,” the report said.
In recent months, cybercriminals have been attempting to sell the network access credentials of several shipping and logistics companies on the cybercrime underground market.
Without naming the companies, Intel 471 said that the targeted organizations included transportation companies in the United States, a Japanese container shipping firm and several logistics firms based in the UK, Singapore and the U.S.
“The criminals – ranging from newcomers to prolific network access brokers-obtained the network credentials through widely known vulnerabilities in remote access solutions including Remote Desktop Protocol, Citrix and SonicWall”, the report said.
So far this year, major U.S. trucking company Marten Transport has been hit in a cyberattack in October that significantly disrupted operations, resulting in data theft. The Port of Houston was also targeted in a cyberattack in August.
Since early 2020, ransomware attacks on shipping and logistics firms have skyrocketed.
According to cybersecurity services company BlueVoyant, some 93% of global organizations have suffered a direct breach due to weaknesses in their supply chains since last year. The average number of breaches experienced in the past 12 months grew from 2.7 in 2020 to 3.7 in 2021. That represents a 37% increase year-on-year.
Additionally, the number of companies coming forward to admit they have no way of knowing if a breach has occurred in their supply chain rose from 31% to 38%.
Overall, global ransomware attacks soared in 2020 with a 158% spike in North America over the previous year and 62% globally. The total amount paid (at least among those incidents reported) was $350 million, a 311% increase over 2019.
While it was surging globally in 2020, it was really the ransomware attack on a major U.S. fuel pipeline company, Colonial Pipeline, that got the attention of authorities worldwide.
The White House has expressed concern about ransomware attacks on critical infrastructure, with President Joe Biden issuing an executive order to improve the nation’s cybersecurity and protect federal government networks.
U.S. intelligence officials have blamed hackers based in Russia for several attacks on U.S.-based companies.
In addition to the Colonial Pipeline attack, there were also thousands of Microsoft Exchange Server zero-day attacks, SolarWinds data breach, Kaseya ransomware attack as well as supply disruption at meatpacker JBS.
Following those attacks, Biden met with Russian President Vladimir Putin in Geneva to discuss acting against hacking groups. Biden said he handed Putin a list of 16 sectors such as energy, health care and water services that the U.S. insists are out of bounds to attacks.
The Russian government has denied any involvement in the attacks, with Putin saying that most hacking crimes originate in the U.S., not Russia.
But the global supply chain, in the meantime, is showing extreme vulnerability thanks in part to greater digitization of operations.